Articles about Ransomware

The ransomware threat is very real with attacks growing in size and frequency, in part, because of the acceleration of digital transformation initiatives and the move to embrace digital services as well as the rapid implementation of hybrid ways of working.

As new digital systems required multiple access points for customers, partners, and employees, this has created a vastly expanded attack surface. This has hastened the rise in ransomware attacks, as attackers quickly took advantage of the increased number of possible attack vectors. 

Continue reading →

A new report from Enterprise Strategy Group (ESG), sponsored by Keepit, shows that granular and air-gapped backup are critical to data recovery when businesses are hit by ransomware.

Of more than 600 respondents to the survey, 79 percent have experienced a ransomware attack within the last year, with 17 percent experiencing attacks weekly and 13 percent daily.

Continue reading →

The threat landscape continues to see rapid evolution, especially as the digital world grows increasingly connected and more organizations outsource business services. Adversaries are getting smarter, and their techniques are getting more advanced by the day. This has put a spotlight on the security of our global supply chain and how unstable and unprotected it is.

In fact, software supply chain attacks have tripled in 2021. The potential ripple effects of risks and disruptions within an organization’s supply chain that could ultimately impact their business are immense. Research shows that a data breach affecting multiple parties causes 26X the financial damage of the worst single-party breach.

Continue reading →

When it comes to ransomware, sometimes the cost of downtime can exceed the cost of paying up. Companies with frozen data and systems face loss of revenue, productivity, customer departures, damaged reputations, never mind the cost of the ransom itself. Take an organization like Colonial Pipeline, which should have had healthy backups in place to quickly recover from their attack and most likely did. However, they opted to shell out $4.4 million in ransom because they didn’t know how long it would take to get up and running again. 

And according to ITIC's 2021 Hourly Cost of Downtime survey, one hour of a server being inoperable costs $300,000 or more for 91 percent percent of mid-sized and large enterprises. 

Continue reading →

A new Risk Insights Index released today by Corvus Insurance reveals that the rate of ransomware claims reached in the final quarter of last year was just half of the peak seen in Q1.

At the same time the average ransom paid was around $167k, 44.2 percent less than the Q3 figure. Fewer ransoms are being paid compared to those demanded too. The percentage for the last quarter of 2021 held steady in the low twenties, down significantly from figures that once were over 50 percent. As recently as Q3 2020, the ratio was 44 percent.

Continue reading →

A new survey of more than 1,200 security leaders reveals they've seen an increase in cyberattacks while their teams are facing widening talent gaps.

According to the latest State of Security report from Splunk 65 percent of respondents say they have seen an increase in attempted cyberattacks. In addition, many have been directly impacted by data breaches and costly ransomware attacks, which have left security teams exhausted.

Continue reading →

Early ransomware campaigns relied on sending out large volumes of emails in so called 'spray-and-pray' attacks.

But a new report released today by Cybereason highlights the rise of sophisticated RansomOps attacks that are allowing ransomware syndicates to reap the benefits of record profits.

Continue reading →

A record 71 percent of organizations were impacted by successful ransomware attacks last year, according to the 2022 Cyberthreat Defense Report (CDR) from CyberEdge Group, up from 55 percent in 2017.

Of those that fell victim, almost two-thirds (63 percent) paid the requested ransom, up from 39 percent in 2017.

Continue reading →

Ransomware made news headlines worldwide earlier this month after a successful attack against one of Toyota Motor Corp.’s parts suppliers forced the automaker to shut down 14 factories in Japan for a day, halting their combined output of around 13,000 vehicles.

That attack was the latest example of the threat ransomware poses to all industries. The most recent edition of SonicWall’s annual threat report states that the volume of ransomware attacks in 2021 has risen 231.7 percent since 2019. And an advisory jointly issued by the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA reveals the latest trend is ransomware as a service -- gangs of bad actors essentially "franchising" their ransomware tools and techniques to less organized or less skilled hackers.

Continue reading →

New research from Splunk's SURGe team looks at how quickly ten major ransomware strains, including Lockbit, Revil and Blackmatter, can encrypt 100,000 files.

The research shows that the median ransomware variant can encrypt nearly 100,000 files totaling 53.93GB in 42 minutes and 52 seconds. Encryption speeds vary between ransomware variants though with individual ransomware samples ranging from four minutes to three and a half hours to encrypt the same data.

Continue reading →

The number of malicious web application requests grew 88 percent between 2020 and 2021, with broken access control and injection attacks making up over 75 percent of them.

The latest threat analysis report from Radware shows the most attacked industries were banking and finance, along with SaaS providers, together accounting for more than 28 percent of web application attacks.

Continue reading →

Humans are often the weak link in the cybersecurity chain, but it's human capabilities that are also key to dealing with attacks and their aftermath, according to a new report from Immersive Labs.

The inaugural Cyber Workforce Benchmark report analyzed cyber knowledge, skills and judgment from over half a million exercises and simulations run by more than 2,100 organizations over the last 18 months.

Continue reading →

The financial, operational, and reputational risks of ransomware make it the top threat facing financial services organizations, a new report from F-Secure says.

The three most common routes used to spread ransomware are phishing, exposed remote desktop protocol (RDP) ports, and the exploitation of vulnerable software.

Continue reading →

Only 23 percent of board of directors consider ransomware to be their top priority. Yet 59 percent of organizations have fallen victim to ransomware.

A new study from email security company Egress, independently conducted by Arlington Research, polled 500 IT leaders across the US and UK. It finds 52 percent of organizations allocate less than a quarter of their security budget to anti-phishing measures, yet 84 percent were hit by phishing and 42 percent had credentials stolen.

Continue reading →

In the past five years 85 percent of organizations have suffered a ransomware incident, while 74 percent have had more than one.

A new report from ExtraHop based on a survey conducted by Wakefield Research shows that 77 percent of IT decision makers are very or completely confident in their company's ability to prevent or mitigate cybersecurity threats.

Continue reading →